# Copyright 1999-2019 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

# /etc/conf.d/rngd
# Please see "/usr/sbin/rngd --help" and "man rngd" for more information

# Space-delimited list of entropy sources to enable
# Note that some of the entropy sources may require certain USE flags
# to be enabled or require hardware support to function properly
# Entropy sources not specified here (or in the exclude list below)
# will be enabled/disabled based on rngd default behavior
#
# Choose from the list:
#         hwrng:  Hardware RNG Device
#         tpm:    TPM RNG Device (Deprecated)
#         rdrand: Intel RDRAND Instruction RNG
#         darn:   Power9 DARN Instruction RNG
#         nist:   NIST Network Entropy Beacon
#                 (UNSAFE for cryptographic operations)
#         jitter: JITTER Entropy Generator
#         pkcs11: PKCS11 Entropy Generator
#
#INCLUDE_ENTROPY_SOURCES="hwrng tpm rdrand darn nist jitter pkcs11"


# Space-delimited list of entropy sources to disable
# This is useful for disabling certain entropy sources even
# when they are supported on the system
#
#EXCLUDE_ENTROPY_SOURCES="nist tpm"


# Entropy source specific options:
#
#
# hwrng device used for random number input:
#
#HWRNG_DEVICE="/dev/hwrng"
#
#
# rdrand options:
#         use_aes:(BOOLEAN)
#
#RDRAND_OPTIONS="use_aes:1"
#
#
# darn options:
#         use_aes:(BOOLEAN)
#
#DARN_OPTIONS="use_aes:1"
#
#
# jitter options:
#         thread_count:(INTEGER)
#         buffer_size:(INTEGER)
#         refill_thresh:(INTEGER)
#         retry_count:(INTEGER)
#         retry_delay:(INTEGER)
#         use_aes:(BOOLEAN)
#
#JITTER_OPTIONS="thread_count:4 buffer_size:16535 refill_thresh:16535"
#JITTER_OPTIONS="${JITTER_OPTIONS} retry_count:1 retry_delay:-1 use_aes:1"
#
#
# pkcs11 options:
#         engine_path:(STRING)
#         chunk_size:(INTEGER)
#
#PKCS11_OPTIONS="engine_path:/usr/lib64/opensc-pkcs11.so chunk_size:1"


# Kernel device used for random number output
#
#RANDOM_DEVICE="/dev/random"


# Random step (Number of bytes written to random-device at a time):
#
#STEP=64


# Fill watermark
# 0 <= n <= `sysctl kernel.random.poolsize`
#
#WATERMARK=2048


# Any extra arguments for rngd
#
#EXTRA_ARGS=""
